CVE-2017-17443
First published: Wed Jun 13 2018(Updated: )
OPC Foundation Local Discovery Server (LDS) 1.03.370 required a security update to resolve multiple vulnerabilities that allow attackers to trigger a crash by placing invalid data into the configuration file. This vulnerability requires an attacker with access to the file system where the configuration file is stored; however, if the configuration file is altered the LDS will be unavailable until it is repaired.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Opcfoundation Local Discovery Server | =1.03.370 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2017-17443?
CVE-2017-17443 is a vulnerability in the OPC Foundation Local Discovery Server (LDS) 1.03.370 that allows attackers to trigger a crash by placing invalid data into the configuration file.
How severe is CVE-2017-17443?
CVE-2017-17443 has a severity rating of 6.5, which is considered medium.
How do I fix CVE-2017-17443?
To fix CVE-2017-17443, you need to apply the required security update provided by the OPC Foundation for Local Discovery Server version 1.03.370.
Where can I find more information about CVE-2017-17443?
You can find more information about CVE-2017-17443 in the OPC Foundation Security Bulletin available at https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-17443.pdf.
What is the Common Weakness Enumeration (CWE) for CVE-2017-17443?
The Common Weakness Enumeration (CWE) for CVE-2017-17443 is CWE-20, which is a vulnerability related to improper input validation.
- collector/nvd-index
- vendor/opcfoundation
- product/local discovery server
- canonical/opcfoundation local discovery server